you can also launch the graphical file browser with 'sudo nautilus' and navigate to the temporary directory

The utility will do a deep find of the system's hard disk, looking for folders named ".Private", and will interactively ask you if it's the folder you'd like to recover. If you answer "yes", you will then be prompted for the login passphrase that's used to decrypt your wrapped, mount passphrase. Assuming you have the correct credentials, it will mount your Encrypted Home or Private directory in read-only mode, and point you at the temporary directory where it's mounted.

I know many of us have requested a simplified method to do this. Once again, the community asked and we got :-)

One small typo on the manpage (http://manpages.ubuntu.com/manpages/natty/en/man1/ecryptfs-recover-private.1.html) - the link in the "SEE ALSO" section to your blog has chopped off the tail end of the hyperlink so it's invalid. It reads

Where do I send hugs?It's great, thanks so much! I just want to add my note (maybe you can add it to the post above) that by using a live-cd you have to "sudo nautilus" to the decrypted folder in order to see the files. I was getting "Permission denied" for quite some time till I figured I had to sudo :)

Thank you, thank you, thank you!While my backup drive was out of action a couple of months ago, my main PC drive decided to play up so I couldn't boot into Ubuntu and get 8 years of photos back. For some reason everything I read on wikis, blogs and forums didn't work and the stress (and guilt) was getting unbearable. Today, making a liveCD and following your instructions above put a massive smile on my face. I can't believe I've now got access to everything again and nothing is lost. Thank you so much for sharing your knowledge - I shall sleep well tonight!

I was able to follow your instructions and gain access through the terminal to my files, however my access is read only and since I'm using the LiveCD. I need to copy my files to an external drive then reformat and re-install Ubuntu. Is there a way to copy read only files?

I updated linux mint 10.11 to 11.04 after it has been recommended to install mint from scratch always. After adding the new resources for an apt-get distribution upgrade the installation failed. Additionally I have chosen the wrong grub option to let the former grub.config remain instead to use the new one.

So I started my netbook from a mobile usb ssd in persistence mode and with linux mint 11.04. It shall be the same as a Live CD, isnt'it? After two days and a lot of tries I found this very helpful blog of dustin. much thanks, dustin, there is light in the dark tunnel. But - amazing - I got this:

"Inserted auth tok with sig [d80e83c776b58ba8] into the user session keyringERROR: The key required to access this private data is not available."

Could you please be so kind to explain me this error and what I might do now?

This method doesn't work for me. I don't have any extra space or extra hard drives to copy my data over from the read only mount. I found an alternative method that worked for me and may be easier for some.

When doing a fresh install and during the account creation, create an temporary account different from the one you're restoring. If your account name was bob than create bob2. Log on the temporary account and open Terminal from Applications -> Accessories.

Type this. Note: I don't normally use shell to move files/folders so if I typed something wrong feel free to correct me. Remember to substitute "bob" with the account name you're restoring.

Open Users and Groups from System -> Administration. Click Add, enter the exact Name and Username of the account you want to restore and check box it to Encrypt it. Make sure you use the exact same password of the original account or this wont work. Make sure to change the account type to Administrator so you can delete your temporary account when you're done. Close out of that window.

Go back to Terminal and type this. Note: Remember to substitute bob with the account name you just created.

My 640GB laptop hd has bad sectors, after 2 frustrating days and following different other methods this finally worked for me! I would like to add that at the end when you do: "sudo nautilus" from the 11.04 live cd and go to the /tmp/encrypted folder to copy the data, open another terminal and do another: "sudo nautilus". You will have two nautilus windows so you can access your backup drive and copy to it without getting a permission denied if you just had a regular nautilus window open. Thanks for this guide!

well... I must not be doing this right :P When I follow these steps I get a bunch of encrypted files and directories in /tmp/ecryptfs.random ...so, recovered, yes, but useable? no. Any idea where I messed up?

I have 11.10, is this utility available in 11.10? I get command not found.. i tried looking for how to install it and no luck so far.. tried sudo apt-get install ecryptfs-utils but I get no installation candidate.. I can't download 11.04 anymore so it would be great if someone can point me to right direction..

PS: Lost 3 days and nights trying to recover the operating system after I accidentaly run rm -rfv / instead of rm -rfi /; Also the system didn't boot into recovery mode and additionaly - of course - I didn't remember where I physically stored the another passphrase.Tried your approach -> I'm able to work again!

hello, thanks for the info. actually in the readme in encrypted folder is also the same, just for me was not clear to run it as sudo and to mount to partition first (yes, I am newbie..), and was already trying the older method, recovering my mount passphrase and so on.. anyway, it was fun, learning a lot. thanks again.

I might didn't understand the underlying concept of eCryptfs, but why I'm not able to 'import' an encrypted Folder only by using the credentials e.g. passphrase?I'm able to 'import' it by using 'sudo ecryptfs-recover-private', this will mount it somewhere readonly in /tmp as far as I remember, but I want to mount it rw e.g. under ~/Privatw or wherever I want... on the remote system.

I can't get this to work. I suspect it is because I copied my old home directory (encrypted) onto a USB drive that was being used by Windows. So now I have a bunch of duplicity-inc. [other numbers].difftar.gpg files in it I can't access.

Any idea how to get to those? (The rescue command doesn't find them, probably because they're not .Private) I've already tried the "manual" method here (http://www.kaijanmaki.net/2009/10/26/recovering-files-from-ecryptfs-encrypted-home/) but it doesn't seem to work either.

I'm not sure if I was mistaken about how I got the .gpg files (I thought it was from copying over my home directory to a windows usb drive). Possibly I made them with the ubuntu default "backup" program. Regardless, I managed to recover them by using the "Restoring with Duplicity" instructions here: https://live.gnome.org/DejaDup/Help/Restore/WorstCase

Sadly this doesn't work as expected. I have an encrypted home on an external hard disk. I am also running a system with a new encrypted home on it. If I run ecryptfs-recover-private specifying the path to the .Private directory on the external disk and enter my login passphrase... it decrypts my home directory on my current installation (NOT the external disk) and mounts it on /tmp!

No matter how you look at it, something is wrong with this, because the interactive script specifically asks me:

INFO: Found [/media/external-disk/home/userX/.Private].Try to recover this directory? [Y/n]: y

I have the same issue as the previous Anonymous poster - fresh 12.04 installation with same username as on old system. Calling the program it asks whether to recover the old homedirectory but it mounts the new one.

Thanks. This app is genious. But how come I didn't find it immediately? Wake up, Canonical! Make this the first stop in your documentation. And secondly: How about offering this with a simple GUI in Ubuntu Software Center, maybe it could help on distribution.. call it disk decrypter or something like that so its searchable.

Printfriendly

About the Author

Previously, Dustin was the VP of Product at Canonical, having led the amazing team that delivers Ubuntu, from the Cloud to IoT commercial offerings.

Formerly the CTO of Gazzang, a venture funded start-up acquired by Cloudera, Dustin designed and implemented a key management system for cloud applications, called zTrustee, and delivered comprehensive security for cloud and big data platforms with eCryptfsand other encryption technologies.